A new mobile trojan dubbed “DeathRing” is being pre-loaded on to smartphones somewhere in the supply chain, warn researchers at mobile security firm Lookout.
DeathRing is a Trojan believed to be of Chinese origin that masquerades as a ringtone app, but can download SMS and browser content from its command and control server to the victim’s phone.

DeathRing could use SMS content to phish a victim’s personal information, for example, using fake text messages requesting the data.  
The malware could also use browser content to prompt victims to download further Android application packages (APKs), which may include more malware.
Lookout researchers say the malicious app is impossible to remove because it is pre-installed in the system directory.

This is of concern to original equipment makers (OEMs) and retailers because the compromise of mobiles in the supply chain could have a significant impact on customer loyalty and trust in the brand.
Mainly affecting lower-tier smartphones bought in Asian and African countries, this is the second significant example of pre-installed mobile malware that Lookout has found on phones in 2014.
The devices pre-loaded with DeathRing are so far mostly from third-tier manufacturers. The main countries affected are Vietnam, Indonesia, India, Nigeria, Taiwan and China.
Researchers said this signals a potential shift in cyber-criminal strategy towards distributing mobile malware through the supply chain. 
Earlier this year, Lookout detected another pre-loaded piece of malware called Mouabad. Like DeathRing, Mouabad was also pre-installed somewhere in the supply chain and affected predominantly Asian countries, but researchers did see some cases in Spain.
Although it is impossible to remove DeathRing and Mouabad because they are pre-installed in the phone’s system directory, Lookout researchers recommend that mobile users:
Be aware of the origins of the device they are buying.
Download a mobile security app to protect against malware.
Check phone accounts regular for any unusual charges.
More on mobile malware
Mobile malware threats jump 26% in third quarter
Research reveals widespread mobile app hacking
Android versus iOS in the enterprise: A whole new ballgame in 2013
Android versus iOS security: Features, policies and controls
Reassessing Mac enterprise security in face of Flashback malware
Android security model doing best to enable mobile malware spread
How an iOS virus can infect the enterprise and what to do about it
Smartphone malware: Infections will hit one in 20, study predicts
Security issues hit Apple as new OS X released

Email Alerts
Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Read More

Related content from ComputerWeekly.com

RELATED CONTENT FROM THE TECHTARGET NETWORK

Leave a Reply